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DETAILED ACTION 

1 . The text of those sections of Title 35 U.S. Code not included in this section can be found 
in the prior office action. 

2. The prior office actions are incorporated herein by reference. In particular, the 
observations with respect to claim language, and response to previously presented arguments. 

3. Claims 1 and 13 have been amended. 

4. Claims 1-21 are pending, 

EXAMINER'S AMENDMENT 

5. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Clint J. Feekes on 4/13/2006. 

Claims 1 and 13 have been replaced with: 

1. (Currently amended) A computer-implemented method for authorizing a second 
client-based application on a client computer to access a service provided by a second server- 
based application based upon a previously provided authorization that authorized the client 
computer to use a first client-based application to access a service provided by [[a]] the first 
server-based application that provid e s a diff e r e nt s e rvic e than said s e cond s e rver bas e d 
application , comprising: 

(a) receiving a request for authorizing the client computer to use said second 
client-based application to access the service provided by said second server-based application; 
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(b) wherein the service provided by said second server-based application is 
different than the service provided by said first server-based application; 

(c) w^herein the request for authorizing the client computer to use said second 
client-based application to access the service provided by said second server-based application 
originates from said first client-based application: 

[[(b)]] £d} in response to said request: 

(i) determining a session length indicating a length of time said client 
computer has been authorized to access the service provided by said first server-based 
application; 

(ii) calculating a hash value for an authorization ticket received from 
said first server-based application, said session length, and a secret shared between said client 
computer and said second server-based application, and 

(iii) transmitting a request for authorization to access the service 
provided by said second server-based application comprising said hash value, said authorization 
ticket, and said session length. 

13. (Currently amended) A computer-implemented method for authorizing a second 
client-based application on a cUent computer to access a service provided by a second server- 
based application based upon a previously provided authorizatio n that authorized the client 
computer to use a first chent-based application to access a service provided by [[a]] ttie first 
server-based application that provides a differ e nt servic e than said s e cond s e rv e r bas e d 
application , comprising: 

(a) receiving a request for authorizatio n authorizing the client computer to use 
said second cHent-based application to access the service provided by said second server-based 
application from said chent computer comprising a hash value, an authorization ticket, and a 
session length; 
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(b) wherein the service provided by said second server-based application is 
different than the service provided by said first server-based application; 

[[(b)]] (sl computing a new hash value for said authorization ticket, said 
session length, and a copy of a secret shared between said client computer and said second 
server-based application; 

[[(c)]] (d) determining whether said hash value received fi"om said client 
computer is identical to said new hash value; and 

[[(d)]] (e) in response to determining that said hash value received fi-om said 
client computer is identical to said new hash value, authorizing said client computer to use said 
second client-based application to access the service provided by said second server-based 
application. 

Response to Arguments 

6. Applicant's arguments file 1/30/2006 have been fiilly considered and in view of the 
above amended claims 1 and 13 they are persuasive. 

Allowable Subject matter 

7. Claims 1-21 are allowed over prior art of record. 

Conclusion 

7. Prior arts made of record, not reUed upon: 

US patent 5,455,953 is directed to authorization system for obtaining in single step both 
identification and access rights of client to server directory firom encrypted authorization ticket. 

US patent 6,240,512 Bl to Fang et al. is directed to single sign-on (SSO) mechanism 
having master key synchronization. 

US patent 6,510,464 is directed to secure gateway having routing feature. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Taghi T. Arani whose telephone number is (571) 272-3787. The 
examiner can normally be reached on 8:00-5:30 Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this appUcation or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-0197 (toll-free). 
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